<?php

class Auditing{
    

    /**
     * check funtion for hasPermissionForGameModule(), if no permission then 403.
     *
     * @param int   $requested_gameid
     * @param string    $module  'any','alert','number'
     */
    public static function permissionCheckGameModule($requested_gameid, $module){
        if(!self::hasPermissionForGameModule($requested_gameid, $module)){
            self::run403();
        }        
    }
    
    /**
     * if curren user has permission for a given game 's module
     *
     * @param int   $requested_gameid
     * @param string    $module  'any','alert','number'
     * @return bool
     */
    public static function hasPermissionForGameModule($requested_gameid, $module){
        if(empty($requested_gameid) && empty($module)){
            return false;
        }
        
        $ok = false;
        //$has_permission_game_ids = TheUser::getGameCodes();
        
        switch($module){
            case 'any':
                $ok = TheUser::hasRolecode(array('admin.super','admin.alert','admin.number'))
                      ||  TheUser::hasRolecode(array('game.super','game.alert','game.number'));
                break;
          /*  case 'alert':
                $ok = TheUser::hasRolecode(array('admin.super','admin.alert')) || in_array($requested_gameid,$has_permission_game_ids);
                break;
            case 'number':
                $ok = TheUser::hasRolecode(array('admin.super','admin.number')) || in_array($requested_gameid,$has_permission_game_ids);
                break;
            case 'perform':
                $ok = TheUser::hasRolecode(array('admin.super','admin.perform')) || in_array($requested_gameid,$has_permission_game_ids);
                break;*/
            default:
                $ok = TheUser::hasRolecode(array('admin.super', 'admin.'.$module, 'game.super.'.$requested_gameid, 'game.'.$module.'.'.$requested_gameid));
                break;          
        }
        return $ok;
    }

    public static function run403(){
		header('HTTP/1.1 403 Forbidden');
		echo '<h1>no access rights, :(</h1>';
		exit;        
    }    
    
    public static function run400($message = null){
		header('HTTP/1.1 400 Bad Request');
		if($message == null)
		{
		  echo '<h1>Bad Request,:(</h1>';
		}
		else
		{
		  echo '<h1>'.$message.'</h1>';    
		}
		exit;        
    }    
    
    public static function permissionCheckByRoleCodes($codes){
        if(!TheUser::hasRolecode($codes)){
            self::run403();
        }        
    }
}